Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Adding support for probe-all-ips #245

Closed
ehsandeep opened this issue Apr 24, 2021 · 2 comments · Fixed by #427 or #437
Closed

Adding support for probe-all-ips #245

ehsandeep opened this issue Apr 24, 2021 · 2 comments · Fixed by #427 or #437
Assignees
@Mzack9999
Labels
Priority: Medium This issue may be useful, and needs some attention. Status: Completed Nothing further to be done with this issue. Awaiting to be closed. Type: Enhancement Most issues will probably ask for additions or changes.

Comments

@ehsandeep
Copy link
Member

ehsandeep commented Apr 24, 2021
edited
Loading

Similar to naabu's -scan-all-ips for HTTP probing (-probe-all-ips)

Example:-

host hackerone.com
hackerone.com has address 104.16.99.52
hackerone.com has address 104.16.100.52

Currently, httpx will perform HTTP probing using one of the above IP, with this feature support, httpx will probe to hackerone.com using both or any number of available A records associated with given host.

This support may discover interesting cases/behavior which usually gets missed.

Example httpx run:-

echo hackerone.com | httpx -probe-all-ips -sc
https://hackerone.com [200]
https://hackerone.com [403]
{
  "timestamp": "2021-10-13T15:49:11.833371454Z",
  "scheme": "https",
  "port": "443",
  "path": "/",
  "body-sha256": "bf697861898d0a7fabf4886f0eb238a440f45622e062ef40ac266e5575796347",
  "header-sha256": "85c064bac54690f0a775398be081156967bc4f4f3b87dfd51d9e53ce9da464ba",
  "a": [
    "104.16.99.52",
    "104.16.100.52"
  ],
  "url": "https://hackerone.com:443",
  "input": "hackerone.com",
  "location": "https://www.hackerone.com/",
  "webserver": "cloudflare",
  "content-type": "text/html",
  "method": "GET",
  "host": "104.16.99.52",
  "content-length": 92,
  "status-code": 302,
  "csp": {
    "domains": [
      "b5s.hackerone-ext-content.com",
      "errors.hackerone.net",
      "https://errors.hackerone.net/api/30/csp-report/?sentry_key=374aea95847f4040a69f9c8d49a3a59d",
      "www.youtube-nocookie.com",
      "a5s.hackerone-ext-content.com",
      "www.google-analytics.com",
      "cover-photos.hackerone-user-content.com",
      "hackathon-photos.hackerone-user-content.com",
      "profile-photos.hackerone-user-content.com",
      "hackerone-us-west-2-production-attachments.s3.us-west-2.amazonaws.com"
    ]
  },
  "response-time": "237.485752ms",
  "failed": false
}
{
  "timestamp": "2021-10-13T15:49:11.833371454Z",
  "scheme": "https",
  "port": "443",
  "path": "/",
  "body-sha256": "bf697861898d0a7fabf4886f0eb238a440f45622e062ef40ac266e5575796347",
  "header-sha256": "85c064bac54690f0a775398be081156967bc4f4f3b87dfd51d9e53ce9da464ba",
  "a": [
    "104.16.99.52",
    "104.16.100.52"
  ],
  "url": "https://hackerone.com:443",
  "input": "hackerone.com",
  "location": "https://www.hackerone.com/",
  "webserver": "cloudflare",
  "content-type": "text/html",
  "method": "GET",
  "host": "104.16.100.52",
  "content-length": 92,
  "status-code": 403,
  "csp": {
    "domains": [
      "b5s.hackerone-ext-content.com",
      "errors.hackerone.net",
      "https://errors.hackerone.net/api/30/csp-report/?sentry_key=374aea95847f4040a69f9c8d49a3a59d",
      "www.youtube-nocookie.com",
      "a5s.hackerone-ext-content.com",
      "www.google-analytics.com",
      "cover-photos.hackerone-user-content.com",
      "hackathon-photos.hackerone-user-content.com",
      "profile-photos.hackerone-user-content.com",
      "hackerone-us-west-2-production-attachments.s3.us-west-2.amazonaws.com"
    ]
  },
  "response-time": "237.485752ms",
  "failed": false
}
@ehsandeep ehsandeep added Type: Discussion Some ideas need to be planned and disucssed to come to a strategy. Type: Enhancement Most issues will probably ask for additions or changes. labels Apr 24, 2021
@ehsandeep ehsandeep added the Status: Available No one has claimed responsibility for resolving this issue label May 13, 2021
@Mzack9999 Mzack9999 self-assigned this Aug 6, 2021
@sickwiz
Copy link

sickwiz commented Aug 23, 2021

I would like to work on this issue. Please assign it to me and if possible, refer some codes that might be helpful

@ehsandeep
Copy link
Member Author

@sickwiz any idea how would you like to see or display the results of all IPs associated with the domain to CLI or is it something to keep within JSON output only?

@ehsandeep ehsandeep added Priority: Medium This issue may be useful, and needs some attention. and removed Type: Discussion Some ideas need to be planned and disucssed to come to a strategy. labels Oct 13, 2021
@zerodivisi0n zerodivisi0n mentioned this issue Oct 23, 2021
Merged
@ehsandeep ehsandeep linked a pull request Oct 23, 2021 that will close this issue
Add probe-all-ips feature #427
Merged
@ehsandeep ehsandeep added the Status: In Progress This issue is being worked on, and has someone assigned. label Oct 23, 2021
@ehsandeep ehsandeep removed the Status: Available No one has claimed responsibility for resolving this issue label Oct 30, 2021
@ehsandeep ehsandeep linked a pull request Nov 19, 2021 that will close this issue
v1.1.4 Release preparation #437
Merged
2 tasks
@forgedhallpass forgedhallpass changed the title [Feature] Adding support for probe-all-ips Adding support for probe-all-ips Nov 22, 2021
@Mzack9999 Mzack9999 added Status: Review Needed The issue has a PR attached to it which needs to be reviewed and removed Status: In Progress This issue is being worked on, and has someone assigned. labels Nov 30, 2021
@ehsandeep ehsandeep added Status: Completed Nothing further to be done with this issue. Awaiting to be closed. and removed Status: Review Needed The issue has a PR attached to it which needs to be reviewed labels Dec 1, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@Mzack9999 Mzack9999

Labels
Priority: Medium This issue may be useful, and needs some attention. Status: Completed Nothing further to be done with this issue. Awaiting to be closed. Type: Enhancement Most issues will probably ask for additions or changes.
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Add probe-all-ips feature zerodivisi0n/httpx
v1.1.4 Release preparation projectdiscovery/httpx
3 participants
@ehsandeep @Mzack9999 @sickwiz